adding updates as suggestedby CS for SRE access information in Approved Access

fixing link in table for Approved Access

updated CS replies

updated numbers

removed number from CEE row in table

Author: fmcdonal

modules/rosa-red-hat-support-access.adoc

@@ -14,20 +14,34 @@ Members of the Red{nbsp}Hat Customer Experience and Engagement (CEE) team typica
 
 | Role | Core namespace | Layered product namespace | Customer namespace | AWS account^*^
 
-|OpenShift SRE| Read: All
+|OpenShift SRE - Normal operations ^[1]^| Read: All
 
 Write: Very
 
-limited ^[1]^
+limited
 | Read: All
 
 Write: None
-| Read: None^[2]^
+| Read: None
 
 Write: None
-|Read: All ^[3]^
+|Read: None
+
+Write: None
+
+|OpenShift SRE - Elevated Access ^[2]^ (Gated by link:https://docs.openshift.com/rosa/support/approved-access.html[Approved Access])| Read: All
+
+Write: All
+
+| Read: All
 
-Write: All ^[3]^
+Write: All
+| Read: All
+
+Write: All
+|Read: All
+
+Write: All
 
 |CEE
 |Read: All
@@ -38,7 +52,7 @@ Write: None
 
 Write: None
 
-|Read: None^[2]^
+|Read: None
 
 Write: None
 
@@ -72,9 +86,9 @@ Write: None
 
 Write: None
 
-|Read: Limited^[4]^
+|Read: Limited ^[3]^
 
-Write: Limited^[4]^
+Write: Limited ^[3]^
 
 |Read: None
 
@@ -97,7 +111,6 @@ Write: None
 |===
 --
 1. Limited to addressing common use cases such as failing deployments, upgrading a cluster, and replacing bad worker nodes.
-2. Red{nbsp}Hat associates have no access to customer data by default.
-3. SRE access to the AWS account is an emergency procedure for exceptional troubleshooting during a documented incident.
-4. Limited to what is granted through RBAC by the Customer Administrator and namespaces created by the user.
+2. Elevated access gives SRE the access levels of a cluster-admin role. See link:https://docs.openshift.com/container-platform/4.17/authentication/using-rbac.html#default-roles_using-rbac[cluster roles] for more information.
+3. Limited to what is granted through RBAC by the Customer Administrator and namespaces created by the user.
 --

support/approved-access.adoc

@@ -9,7 +9,9 @@ endif::[]
 
 toc::[]
 
-Red{nbsp}Hat Site Reliability Engineering (SRE) typically does not require an elevated access to systems as part of normal operations to manage and support {product-title} clusters. In the unlikely event that SRE needs elevated access to systems, you can use the _Approved Access_ interface to review and _approve_ or _deny_ access to these systems.
+Red{nbsp}Hat Site Reliability Engineering (SRE) typically does not require elevated access to systems as part of normal operations to manage and support {product-title} clusters. Elevated access gives SRE the access levels of a cluster-admin role. See link:https://docs.openshift.com/container-platform/4.17/authentication/using-rbac.html#default-roles_using-rbac[cluster roles] for more information.
+
+In the unlikely event that SRE needs elevated access to systems, you can use the _Approved Access_ interface to review and _approve_ or _deny_ access to these systems.
 
 Elevated access requests to clusters on {product-rosa} clusters and the corresponding cloud accounts can be created by SRE either in response to a customer-initiated support ticket or in response to alerts received by SRE as part of the standard incident response process.